The National Cyber Security Centre (NCSC) - part of GCHQ - has produced practical advice for early years settings with tips on how to keep data and devices secure to protect themselves, children and families from cyber incidents.
The 'bespoke' guidance for Early Years education and childcare settings from the UK's cyber security experts offers practitioners tips on how to protect their devices and data from cyber incidents.
Early years providers are increasingly relying on technology to operate and are therefore an appealing target for cyber criminals due to the sensitive information they hold and payments they handle, the agency said.
Sarah Lyons, NCSC deputy director for economy and society engagement, said, ‘We know that incidents affecting the education sector are increasingly common, so it’s vital that all providers know how to secure their devices and sensitive data.
‘As many early years practitioners work on their own without dedicated IT support, this guidance sets out the practical first steps they can take to protect themselves from cyber incidents.
‘By following our advice, they’ll not only be keeping their businesses safe, but will also be keeping those in their care and families safe too.’
The guidance, which has been produced in consultation with major stakeholders, covers topics including setting up strong passwords on devices and accounts, how to communicate with families safely and dealing with suspicious messages.
It aims to help practitioners reduce the chances of falling victim to a cyber attack, and to help them recover from an incident if one does occur.
The four key steps for practitioners to follow are:
- Backing up your important information – identifying what data you couldn’t operate without or are legally obliged to safeguard and creating a proper back-up.
- Using passwords to control access to your computers and information – switching on password protection; using strong passwords and password managers; setting up two-factor authentication and communicating safely with families
- Protecting your devices from viruses and malware – turning on antivirus products and keeping IT devices up to date
- Dealing with suspicious messages (phishing attacks) – tips for spotting suspect messages and unusual requests, reporting these messages and what to do if you have already responded.
Children and families minister Vicky Ford said, ‘It is paramount that early years settings have robust cyber security in place to help them communicate with children, families and staff delivering early education and childcare provision safely.
‘Like most professions, the early years sector is increasingly reliant on technology and this new guidance will support them with protecting sensitive data and minimising the risk and detriments of a cyber security incident.
‘Education settings are directly responsible for their own security and data protection so I encourage all early years providers to take steps to improve their resilience online.’
Expert guidance and advice for other educational settings can be found on the NCSC website.
This includes questions for schools’ governing bodies to help with understanding of cyber risks, cyber security information cards for school staff and blogs aimed at securing home learning.
The NCSC recently led a webinar about cyber security for early years practitioners as part of Cyber Scotland Week. The session is still available to watch online on Education Scotland’s Glow DigiLearn platform.
